s3:libsmb/ntlmssp: an empty string should mean no password

[Andrew Bartlett]

On Mon, 2012-04-16 at 14:45 +0200, Stefan Metzmacher wrote:
> The branch, master has been updated
>        via  51e3bbd s4:libcli/smb2: fix anonymous session setups against windows servers
>        via  daa5cec s4:libcli/smb2: remove unused dependency to LIBPACKET
>        via  66d7553 s3:libsmb: fix anonymous session setups against windows servers
>        via  92483ee s3:libsmb/ntlmssp: an empty string should mean no password
>        via  b0939c5 libcli/smb: move smb2cli_session_setup_*() prototypes to the code.
>        via  6054e9a libcli/smb: add smb2cli_session_get_flags()
>        via  c60c2c5 libcli/smb: we should not force a session key for anonymous connections
>       from  b23f5a9 libcli/smb: make use of data_blob_string_const_null()
> 
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
> 

> commit 92483eee254ef6844fe88abe1e64f67033a1ea2d
> Author: Stefan Metzmacher <metze at samba.org>
> Date:   Mon Apr 16 12:32:28 2012 +0200
> 
>     s3:libsmb/ntlmssp: an empty string should mean no password
>     
>     metze

Are you sure this is correct?  With this change, how would we connect to
a server that had "" stored as the password?

I agree this is difficult, but for the anonymous login shouldn't we
check for the "" username instead?

For guest logins, I really don't know how we should handle this - the
behaviour of 'map to guest = bad user' (ie, the windows behaviour)
allows any login name, and presumably even a password.  It is indeed
best to decide this client-side (so we are not fooled into downgraded
security by an un-signed return flag), but I'm not convinced this is the
right approach.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org